Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update github.com/golang/glog dependency to address CVE-2024-45339 #48

Closed
wants to merge 2 commits into from
Closed

Update github.com/golang/glog dependency to address CVE-2024-45339 #48

wants to merge 2 commits into from

Conversation

mge-fbe-com
Copy link

Version v1.2.4 of the github.com/golang/glog module fixes a vulnerability when creating log files.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-45339
golang/vulndb#3372

Ran

dhcplb % go mod tidy
go: downloading github.com/stretchr/testify v1.6.1
go: downloading github.com/davecgh/go-spew v1.1.0
go: downloading gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c
go: downloading github.com/stretchr/objx v0.1.0

@mge-fbe-com
Copy link
Author

Also update go version used in github tests.

@facebook-github-bot
Copy link

@mge-fbe-com has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator.

@facebook-github-bot
Copy link

@mge-fbe-com merged this pull request in 517055e.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xaionaro xaionaro xaionaro approved these changes

@pallotron pallotron Awaiting requested review from pallotron

@vmagro vmagro Awaiting requested review from vmagro

Assignees
No one assigned
Labels
CLA Signed Merged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mge-fbe-com @facebook-github-bot @xaionaro